Data & Privacy
- Data Act
- Data Governance Act
- ePrivacy Directive
- GDPR
AI & Trust
- Artificial Intelligence Act
Cybersecurity
- Cybersecurity Act
- DORA
- NIS2
Digital Services & Media
- Digital Markets Act
- Digital Services Act
- European Media Freedom Act
Data Act
- Recitals
CHAPTER I
GENERAL PROVISIONSArticles 1 — 2
CHAPTER II
BUSINESS TO CONSUMER AND BUSINESS TO BUSINESS DATA SHARINGArticles 3 — 7
CHAPTER III
OBLIGATIONS FOR DATA HOLDERS OBLIGED TO MAKE DATA AVAILABLE PURSUANT TO UNION LAWArticles 8 — 12
CHAPTER IV
UNFAIR CONTRACTUAL TERMS RELATED TO DATA ACCESS AND USE BETWEEN ENTERPRISESArticles 13 — 13
CHAPTER V
MAKING DATA AVAILABLE TO PUBLIC SECTOR BODIES, THE COMMISSION, THE EUROPEAN CENTRAL BANK AND UNION BODIES ON THE BASIS OF AN EXCEPTIONAL NEEDArticles 14 — 22
CHAPTER VI
SWITCHING BETWEEN DATA PROCESSING SERVICESArticles 23 — 31
CHAPTER VII
UNLAWFUL INTERNATIONAL GOVERNMENTAL ACCESS AND TRANSFER OF NON-PERSONAL DATAArticles 32 — 32
CHAPTER VIII
INTEROPERABILITYArticles 33 — 36
CHAPTER IX
IMPLEMENTATION AND ENFORCEMENTArticles 37 — 42
CHAPTER X
SUI GENERIS RIGHT UNDER DIRECTIVE 96/9/ECArticles 43 — 43
CHAPTER XI
FINAL PROVISIONSArticles 44 — 50
DA Article 28. Contractual transparency obligations on international access and transfer
- 1.Providers of data processing services shall make the following information available on their websites, and keep that information up to date:
- (a)the jurisdiction to which the ICT infrastructure deployed for data processing of their individual services is subject;
- (b)a general description of the technical, organisational and contractual measures adopted by the provider of data processing services in order to prevent international governmental access to or transfer of non-personal data held in the Union where such access or transfer would create a conflict with Union law or the national law of the relevant Member State.
- 2.The websites referred to in paragraph 1 shall be listed in contracts for all data processing services offered by providers of data processing services.
Relevant Recitals for this Article
Standardisation and semantic interoperability should play a key role to provide technical solutions to ensure interoperability within and among common European data spaces which are purpose or sector specific or cross-sectoral interoperable frameworks for common standards and practices to share or jointly process data for, inter alia, the development of new products and services, scientific research or civil society initiatives. This Regulation lays down certain essential requirements for interoperability. Participants in data spaces that offer data or data services to other participants, which are entities facilitating or engaging in data sharing within common European data spaces, including data holders, should comply with those requirements insofar as elements under their control are concerned. Compliance with those rules can be ensured by adhering to the essential requirements laid down in this Regulation, or presumed by complying with harmonised standards or common specifications via a presumption of conformity. In order to facilitate conformity with the requirements for interoperability, it is necessary to provide for a presumption of conformity of interoperability solutions that meet harmonised standards or parts thereof in accordance with Regulation (EU) No 1025/2012, which represents the framework by default to elaborate standards that provide for such presumptions. The Commission should assess barriers to interoperability and prioritise standardisation needs, on the basis of which it may request one or more European standardisation organisations, pursuant to Regulation (EU) No 1025/2012, to draft harmonised standards which satisfy the essential requirements laid down in this Regulation. Where such requests do not result in harmonised standards or such harmonised standards are insufficient to ensure conformity with the essential requirements of this Regulation, the Commission should be able to adopt common specifications in those areas provided that in so doing it duly respects the role and functions of standardisation organisations. Common specification should be adopted only as an exceptional fall-back solution to facilitate compliance with the essential requirements of this Regulation, or when the standardisation process is blocked, or when there are delays in the establishment of appropriate harmonised standards. Where a delay is due to the technical complexity of the standard in question, this should be considered by the Commission before contemplating the establishment of common specifications. Common specifications should be developed in an open and inclusive manner and take into account, where relevant, the advice of the European Data Innovation Board (EDIB) established by Regulation (EU) 2022/868. Additionally, common specifications in different sectors could be adopted, in accordance with Union or national law, on the basis of specific needs of those sectors. Furthermore, the Commission should be enabled to mandate the development of harmonised standards for the interoperability of data processing services.